1. For the past hours, we've monitored massive DNS lookups initiated from the inside to outside for resolution, enough to flood the link therefore slowing the pace at which we can work. Have any of you seen this kind of behaviour ? One company is currently monitoring the same situation elsewhere, same criteria. 2. And in between the previous point,, we have many request asking for time updates on port 37, which I never saw before. Any ideas ? 3. Have a nice day to all Steve Waterhouse, CD OSSI / ISSO Campus St-Jean-sur-Richelieu Ecole de Perfectionnement en Gestion des Forces Canadiennes, Détachement du Collège Militaire Royale du Canada / Canadian Forces Management and Developpement School, Detachment of the Royal Military College of Canada Académie Canadienne de la Défense / Canadian Defence Academy Ministère de la Défense Nationale /Department of National Defence Canada --------------------------------------------------------------------------- Captus Networks - Integrated Intrusion Prevention and Traffic Shaping - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Automatically Control P2P, IM and Spam Traffic - Ensure Reliable Performance of Mission Critical Applications - Precisely Define and Implement Network Security and Performance Policies **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo Visit us at: http://www.securityfocus.com/sponsor/CaptusNetworks_incidents_030814 ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Tue Aug 19 2003 - 20:57:31 PDT